910 - English, Jan-Feb
910 - English, March
All Government of Canada (GC) departments and agencies transmitting, storing or processing sensitive government information must be protected by systems that have been developed, acquired and evaluated according to recognized standards and implemented in accordance with GC policies and directives.
This boot camp will provide participants with the overall concepts of IT security risk management for the GC and the foundational knowledge and guidelines needed to contribute to the development of security control profiles. It will also highlight the integration of IT security risk management within the System Development Lifecycle (SDLC) as described in ITSG-33.
This boot camp consists of the following foundational courses:
- 104 – IT Security Risk Management: A Lifecycle Approach (ITSG-33)
- 105 – Information System Security Implementation Process (ISSIP)*
- 701 – IT Security Risk Management and Security Control Profiles*
* Courses 105 and 701 are no longer offered on our public schedule.
This course will provide you with a high-level appreciation of the key concepts and processes of cross domain solutions. It will help you plan and understand the business requirements for cross domains solutions when the need arises for information sharing between security domains.
- Apply IT security risk management within the GC context
- Identify the initial steps to integrating risk management guidance within your department
- Describe the ISSIP and why it is required
- Situate the ISSIP within the ITSG-33 security risk management process
- Describe all the ISSIP activities
- Complete key ISSIP activities
- Interpret departmental threat & risk assessments
- Identify business domains
- Define IT security approaches
- Identify relevant common criteria
- Develop departmental security control profiles
In-class: four straight days, usually from Monday to Thursday.
WEBEX (virtual): in two blocks of two days, usually over a period of two weeks
Project/Program Managers, IT Security Designers, Architects, Engineers and Managers
Course 601 – Introduction to IT Security Management [e-learning]